Skip to content

feat: harden plugin and add open source readiness scaffolding#1

Merged
Alfred Tovsen Mo (alfredtm) merged 2 commits into
mainfrom
feat/open-source-readiness
Jun 10, 2026
Merged

feat: harden plugin and add open source readiness scaffolding#1
Alfred Tovsen Mo (alfredtm) merged 2 commits into
mainfrom
feat/open-source-readiness

Conversation

@alfredtm

@alfredtm Alfred Tovsen Mo (alfredtm) commented Jun 10, 2026

Copy link
Copy Markdown
Contributor

What

Two batches of work from a best-practices + open-source-readiness review:

Plugin hardening

  • Tightened allowed-tools: removed unscoped find/sed/curl/oc delete pre-approvals; prepare-app uses the Glob tool, expose-app's curl is scoped to the smoke test, status is now genuinely read-only
  • Pre-provisioned cluster support: a working oc whoami now counts as "has a cluster" even when indev cluster list is empty (clusters set up by admins/colleagues), so first customers are never routed into creating a duplicate
  • Packaging: marketplace.json so the repo is installable as its own marketplace, displayName, working README install instructions, argument-hint on update-image

Open source readiness (from the readiness report)

  • CI: validate workflow runs claude plugin validate --strict on every PR and push to main — now a required status check via the new protect-main ruleset
  • Release Please: automates the version bump in plugin.json (the field that actually delivers updates to installed users) + CHANGELOG + GitHub Releases, driven by Conventional Commits
  • Dependabot for GitHub Actions
  • Docs: CONTRIBUTING.md, AGENTS.md

Done outside this PR (repo settings): description, topics, branch-protection ruleset on main.

Notes for reviewer

  • Release Please needs Settings → Actions → "Allow GitHub Actions to create and approve pull requests" enabled, or its release PR can't be opened
  • Commits to main must follow Conventional Commits from now on (fix:/feat:/…) for versioning to work

🤖 Generated with Claude Code

@alfredtm @claude
feat: harden plugin and add open source readiness scaffolding
636394e 
Skills:
- tighten allowed-tools (drop unscoped find/sed/curl/oc delete; use Glob)
- treat a working kubeconfig as proof of an existing cluster so
  pre-provisioned customers are never routed to create-cluster
- drop redundant user-invocable defaults, add argument-hint to update-image

Plugin packaging:
- add marketplace.json so the repo serves as its own marketplace
- add displayName, fix README install instructions and typo

Open source readiness:
- CI workflow running 'claude plugin validate --strict' on PRs and main
- Release Please config + workflow (bumps plugin.json version, changelog)
- Dependabot for GitHub Actions
- CONTRIBUTING.md, AGENTS.md, CHANGELOG.md

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@alfredtm @claude
ci: pin actions to full commit SHAs per org policy
d37ffed 
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@alfredtm Alfred Tovsen Mo (alfredtm) merged commit 405506c into main Jun 10, 2026
1 check passed
@alfredtm Alfred Tovsen Mo (alfredtm) mentioned this pull request Jun 10, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alfredtm